I got loads of war4 metros in operation now, but I have one, which is near my core, and is sitting constantly at 100% cpu usage. I cant see why and its driving me mad, affecting voip, etc..
v1.3.23b - 2x 2.4ghz sectors each with less than 10 cpe. 1x 5ghz p2p to another tower with around 100 cpe, and 1x 5ghz p2p link to a tower with adsl which is used to supply a handful of customers..
connected to the ethernet port 1 is a leased line, and ethernet2 is another war4 with 4x p2p links to other towers.
connection tracking is turned off.
RIP is enabled.
i cant see anything obvious in the logs. is there any way of finding out what the CPU is actually doing ?
if Lonnie, or someone has some time on their hands to take a look, I can pm a login ?

Things to look at, that can cause 100% CPU:1. What firewall rules are you using? layer-7 (if used) is very processor intensive.2. Disable netfilter if firewall is not used. this will reduce system load, plus give a good throughput boost.3. Lock your system down if it has a public IP. SSH bruit-force attacks will cause the system load to spike.

Also use the threshold feature to prevent the card from processing noise and other cruft that it does not need to. This will also lower the system load, and provide a performance boost.

What pegs our CPU is a SSH attack.
Easily checked by looking in the system log and it you see loads of entries for "child connection failed" or something to that effect, then you are being attacked.
We block all SSH inbound connections to our publics (on the AP's etc) other than ones form trusted sources.

This reminded me of a VDS issue we had the other day on my edge V3 router.

I've got 3 VDS interfaces, all setup exactly the same. I changed the CBQ settings and activated changes and one of the VDS conections would not route traffic through. The link was up, but no flow.

The CPU was constant 100% on the Edge router and the client router was spiking 100%, then normal, then 100%...etc System log showed a 111 error. Checked all my routing, nothing. I disabled the AES encryption and it came back up no problems. CPU load dropped back to normal.